Re: [PATCH v5 11/12] x86/tdx: Don't write CSTAR MSR on Intel

[Kuppuswamy, Sathyanarayanan]

On 8/4/21 11:31 AM, Sean Christopherson wrote:
> > On Intel CPUs writing the CSTAR MSR is not really needed. Syscalls
> > from 32bit work using SYSENTER and 32bit SYSCALL is an illegal opcode.
> > But the kernel did write it anyways even though it was ignored by
> > the CPU. Inside a TDX guest this actually leads to a #GP. While the #GP
> > is caught and recovered from, it prints an ugly message at boot.
> > Do not write the CSTAR MSR on Intel CPUs.
> Not that it really matters, but...
>
> Is #GP the actual TDX-Module behavior?  If so, isn't that a contradiction with

No, #GP is triggered by guest.

> respect to the TDX-Module architecture?  It says:
>
>    guest TD access violations to MSRs can cause a #GP(0) in most cases where the
>    MSR is enumerated as inaccessible by the Intel TDX module via CPUID
>    virtualization.  In other cases, guest TD access violations to MSRs can cause
>    a #VE.
>
> Given that there is no dedicated CPUID flag for CSTAR and CSTAR obviously exists
> on Intel CPUs, I don't see how the TDX-Module can possible enumerate CSTAR as
> being inaccessible.
>
> Regardless of #GP versus #VE, "Table 16.2 MSR Virtualization" needs to state the
> actual behavior.

Even in this case, it will trigger #VE. But since CSTAR MSR is not supported, write
to it will fail and leads to #VE fault.

File: arch/x86/kernel/traps.c

1183 DEFINE_IDTENTRY(exc_virtualization_exception)
1201         if (!ret)
1202                 ret = tdg_handle_virtualization_exception(regs, &ve);
1203         /*
1204          * If tdg_handle_virtualization_exception() could not process
1205          * it successfully, treat it as #GP(0) and handle it.
1206          */
1207         if (ret)
1208                 ve_raise_fault(regs, 0);

--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer